Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Microsoft Boosts Windows Defender ATP Security

Microsoft previews some of the new capabilities coming to its threat protection product for businesses in the forthcoming Creators Update for Windows 10.

There's more to the Windows 10 Creators Update virtual reality (VR) experiences and features aimed at creative professionals. For businesses, the system software upgrade will also enhance Windows Defender Advanced Threat Protection's (ATP) ability to uncover stealthy attacks.

Borrowing the name of the antimalware software that comes bundled in the company's flagship operating system, Windows Defender ATP is a cloud-based data security service that provides advanced breach detection based on the information gathered by Microsoft's massive threat intelligence system. This coming spring, it's due for a big upgrade.

"Windows Creators Update improves our OS memory and kernel sensors to enable detection of attackers who are employing in-memory and kernel-level attacks—shining a light into previously dark spaces where attackers hid from conventional detection tools," wrote Avi Sagiv, principal program manager of Windows Defender ATP at Microsoft. "We've already successfully leveraged this new technology against zero-days attacks on Windows."

Windows Defender ATP also battles one of most pernicious threats affecting businesses today. The product will feature enhanced ransomware detection capabilities that employ the company's behavioral and machine-learning technologies to counter the malware as it evolves.

Microsoft is among a growing number of technology companies that are employing machine-learning and artificial intelligence (AI) to shore up their IT defenses.

Last month, information security startup PatterEx opened its doors and launched its Threat Prediction Platform. The software uses an AI technology called Active Contextual Modeling to mimic the instincts of human security analysts in real-time. According to the company's CEO and co-founder Uday Veeramachaneni, the platform can detect 10 times more threats while generating fewer false positives compared to machine learning-based approaches to anomaly detection.

Microsoft is also helping organizations unravel intrusions that may have gone unnoticed in prior months.

When Windows Defender ATP discovers a new security threat, its' historical detection feature enables administrators to check if it paid a visit in the past. The feature can apply new detection rules to up to the past six months of security data to unearth previously undetected attacks.

The management experience is also getting a makeover.

The Windows Defender Security Center interface's alert page now generates a process tree visualization that amasses a collection of detections and related security events into a single, time-saving view. Sagiv asserted that the updated page provides more information up front, slashing the time it takes security teams to investigate and resolve incidents.

The solution will enable users to take immediate action, stopping attacks in their tracks. IT workers can now instantly isolate infected systems to prevent them from affecting other systems, or delve even further by killing or quarantining specific running processes. They can also elect to outright ban certain dangerous files from a network, thwarting attempts to distribute malware.